package com.websocketdemo.demo.WebSocket.security;

import org.springframework.context.annotation.Bean;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder;

//@Configuration
//@EnableWebSecurity//启动spring security

public class SecurityConfig extends WebSecurityConfigurerAdapter {
    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http.csrf().disable();
//        http.headers()//页面使用ifranme时使用配置
//                .frameOptions().sameOrigin()
//                .httpStrictTransportSecurity().disable();
        http.authorizeRequests()
//                .antMatchers("/index").hasAnyAuthority("user")//拥有all，read权限时可以访问
                .antMatchers("/main.html").hasAnyAuthority("user")

                .antMatchers("/main").hasAnyAuthority("user")
                .antMatchers("/register.html").hasAnyAuthority("user")
                .antMatchers("/register").hasAnyAuthority("user")
                .antMatchers("/reset-password.html").hasAnyAuthority("user")
                .antMatchers("/reset-password").hasAnyAuthority("user")
                .antMatchers("/login").permitAll()//代表login不需要拦截
                .antMatchers("/403").permitAll()//代表login不需要拦截
                .antMatchers("/index.html").permitAll()//代表login不需要拦截
                .antMatchers("/yanzheng").permitAll()//代表login不需要拦截
//                .antMatchers("/index.html").permitAll()//代表不需要拦截
                .antMatchers("/**").fullyAuthenticated()//所有路劲要拦截
                .and()
                .formLogin()
                .loginPage("/login")
                .loginProcessingUrl("/yanzheng")//自定义登良路接口地址
                .successForwardUrl("/403.html");
//                .failureUrl("/error_page");
    }
    @Bean//注入PasswordEncoder
    public PasswordEncoder passwordEncoder(){
        return new BCryptPasswordEncoder();//进行密码多次的MD5加盐
    }

}
